<!doctype html>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/testharness-helpers.js"></script>
<body>
<script>
function addFrame(url) {
  var i = document.createElement('iframe');
  i.src = url;
  document.body.appendChild(i);
  return i;
}

// Set cookies on ORIGINAL_HOST, then move ourselves to TEST_ROOT so
// we can verify registrable domain and cross-origin behavior.
if (window.location.hostname == "127.0.0.1") {
    window.location.hostname = ORIGINAL_HOST;
} else if (window.location.hostname == ORIGINAL_HOST) {
    clearKnownCookies();
    document.cookie = STRICT_DOM + "=1; SameSite=Strict; Max-Age=100; path=/";
    document.cookie = LAX_DOM + "=1; SameSite=Lax; Max-Age=100; path=/";
    document.cookie = UNSPECIFIED_DOM + "=1; Max-Age=100; path=/";
    // SameSite=None cookies must be Secure.
    document.cookie = NONE_DOM + "=1; SameSite=None; Secure; Max-Age=100; path=/";
    window.location.hostname = TEST_HOST;
} else {
    test(_ => {
        clearKnownCookies();
        assert_equals(document.cookie, "");

        document.cookie = STRICT_DOM + "=2; SameSite=Strict; domain=" + TEST_HOST + "; path=/";
        document.cookie = LAX_DOM + "=2; SameSite=Lax; domain=" + TEST_HOST + "; path=/";
        document.cookie = UNSPECIFIED_DOM + "=2; domain=" + TEST_HOST + "; path=/";
        document.cookie = NONE_DOM + "=2; SameSite=None; Secure; domain=" + TEST_HOST + "; path=/";
        assert_equals(document.cookie, STRICT_DOM + "=2; " + LAX_DOM + "=2; " + UNSPECIFIED_DOM + "=2; " + NONE_DOM + "=2");
    }, "Set cookies for TEST_HOST");

    // Framed
    promise_test(_ => {
      var frame;
      return new Promise(r => {
        window.onmessage = e => {
          var http_cookies = e.data.http;
          assert_equals(http_cookies[STRICT_DOM], "2", "strict http");
          assert_equals(http_cookies[LAX_DOM], "2", "lax http");
          assert_equals(http_cookies[UNSPECIFIED_DOM], "2", "unspecified http");
          assert_equals(http_cookies[NONE_DOM], "2", "none http");

          var dom_cookies = e.data.document;
          assert_equals(dom_cookies, STRICT_DOM + "=2; " + LAX_DOM + "=2; " + UNSPECIFIED_DOM + "=2; " + NONE_DOM + "=2");

          r();
        };
        frame = addFrame("https://" + TEST_HOST + ":8443/cookies/resources/post-cookies-to-top.php");
      });
    }, "Same-origin frame receives all SameSite cookies.");

    promise_test(_ => {
      var frame;
      return new Promise(r => {
        window.onmessage = e => {
          var http_cookies = e.data.http;
          assert_equals(http_cookies[STRICT_DOM], undefined, "strict http");
          assert_equals(http_cookies[LAX_DOM], undefined, "lax http");
          assert_equals(http_cookies[UNSPECIFIED_DOM], undefined, "unspecified http");
          assert_equals(http_cookies[NONE_DOM], "1", "none http");

          var dom_cookies = e.data.document;
          assert_equals(dom_cookies, NONE_DOM + "=1");

          r();
        };
        frame = addFrame("https://" + ORIGINAL_HOST + ":8443/cookies/resources/post-cookies-to-top.php");
      });
    }, "Cross-origin frame receives no SameSite cookies.");

    // Nested Frames
    promise_test(_ => {
      var frame;
      return new Promise(r => {
        window.onmessage = e => {
          var http_cookies = e.data.http;
          assert_equals(http_cookies[STRICT_DOM], "2", "strict http");
          assert_equals(http_cookies[LAX_DOM], "2", "lax http");
          assert_equals(http_cookies[UNSPECIFIED_DOM], "2", "unspecified http");
          assert_equals(http_cookies[NONE_DOM], "2", "none http");

          var dom_cookies = e.data.document;
          assert_equals(dom_cookies, STRICT_DOM + "=2; " + LAX_DOM + "=2; " + UNSPECIFIED_DOM + "=2; " + NONE_DOM + "=2");

          r();
        };
        frame = addFrame(
            "https://" + TEST_HOST + ":8443/cookies/resources/frame.php?url=" +
            encodeURIComponent("https://" + TEST_HOST + ":8443/cookies/resources/post-cookies-to-top.php")
        );
      });
    }, "Same-origin frame nested in same-origin frame receives all SameSite cookies.");

    promise_test(_ => {
      var frame;
      return new Promise(r => {
        window.onmessage = e => {
          var http_cookies = e.data.http;
          assert_equals(http_cookies[STRICT_DOM], undefined, "strict http");
          assert_equals(http_cookies[LAX_DOM], undefined, "lax http");
          assert_equals(http_cookies[UNSPECIFIED_DOM], undefined, "unspecified http");
          assert_equals(http_cookies[NONE_DOM], "2", "none http");

          var dom_cookies = e.data.document;
          assert_equals(dom_cookies, NONE_DOM + "=2");

          r();
        };
        frame = addFrame(
            "https://" + ORIGINAL_HOST + ":8443/cookies/resources/frame.php?url=" +
            encodeURIComponent("https://" + TEST_HOST + ":8443/cookies/resources/post-cookies-to-top.php")
        );
      });
    }, "Same-origin frame nested in cross-origin frame receives no SameSite cookies.");

    promise_test(_ => {
      var frame;
      return new Promise(r => {
        window.onmessage = e => {
          var http_cookies = e.data.http;
          assert_equals(http_cookies[STRICT_DOM], undefined, "strict http");
          assert_equals(http_cookies[LAX_DOM], undefined, "lax http");
          assert_equals(http_cookies[UNSPECIFIED_DOM], undefined, "unspecified http");
          assert_equals(http_cookies[NONE_DOM], "1", "none http");

          var dom_cookies = e.data.document;
          assert_equals(dom_cookies, NONE_DOM + "=1");

          r();
        };
        frame = addFrame(
            "https://" + TEST_HOST + ":8443/cookies/resources/frame.php?url=" +
            encodeURIComponent("https://" + ORIGINAL_HOST + ":8443/cookies/resources/post-cookies-to-top.php")
        );
      });
    }, "Cross-origin frame nested in same-origin frame receives no SameSite cookies.");

    promise_test(_ => {
      var frame;
      return new Promise(r => {
        window.onmessage = e => {
          var http_cookies = e.data.http;
          assert_equals(http_cookies[STRICT_DOM], undefined, "strict http");
          assert_equals(http_cookies[LAX_DOM], undefined, "lax http");
          assert_equals(http_cookies[UNSPECIFIED_DOM], undefined, "unspecified http");
          assert_equals(http_cookies[NONE_DOM], "1", "none http");

          var dom_cookies = e.data.document;
          assert_equals(dom_cookies, NONE_DOM + "=1");

          r();
        };
        frame = addFrame(
            "https://" + ORIGINAL_HOST + ":8443/cookies/resources/frame.php?url=" +
            encodeURIComponent("https://" + ORIGINAL_HOST + ":8443/cookies/resources/post-cookies-to-top.php")
        );
      });
    }, "Cross-origin frame nested in cross-origin frame receives no SameSite cookies.");
}
</script>
